United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6867345 Turkish regional options cause NPE in sun.security.x509.AlgorithmId.algOID
JDK-6867345 : Turkish regional options cause NPE in sun.security.x509.AlgorithmId.algOID

Details
Type:
Bug
Submit Date:
2009-07-31
Status:
Closed
Updated Date:
2011-03-07
Project Name:
JDK
Resolved Date:
2011-03-07
Component:
security-libs
OS:
windows_xp
Sub-Component:
java.security
CPU:
x86
Priority:
P4
Resolution:
Fixed
Affected Versions:
6u14
Fixed Versions:

Related Reports
Relates:

Sub Tasks

Description
FULL PRODUCT VERSION :
java version "1.6.0_14"
Java(TM) SE Runtime Environment (build 1.6.0_14-b08)
Java HotSpot(TM) Client VM (build 14.0-b16, mixed mode, sharing)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows XP [Version 5.1.2600]

EXTRA RELEVANT SYSTEM CONFIGURATION :
Turkish regional options (under regional settings control panel)

A DESCRIPTION OF THE PROBLEM :
I tried to create instance of javax.crypto.EncryptedPrivateKeyInfo class on machine with Turkish regional options, i.e. Locale.getDefault() gives TR locale.
and the constructor fails with NullPointerexception originating from
sun.security.x509.AlgorithmId.algOID()
If regional options are changed to English, the attached code runs without any exception.
I assume that the problem has something to do with string manipulations that do not take into account the locale, like String.startsWith()
see steps to reproduce.


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
run the source code

ACTUAL -

java.lang.NullPointerException
	at sun.security.x509.AlgorithmId.algOID(AlgorithmId.java:551)
	at sun.security.x509.AlgorithmId.get(AlgorithmId.java:417)
	at javax.crypto.EncryptedPrivateKeyInfo.<init>(DashoA13*..)
	at TestTest.main(TestTest.java:63)

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
public static void main(String[] args) {
                char[] password = "somepass".toCharArray();
        PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
        byte[] salt = new byte[8];

        new SecureRandom().nextBytes(salt);

        try {
            PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, 500);

            // convert password into a SecretKey object, using a PBE key factory.
            SecretKeyFactory keyFac = SecretKeyFactory.getInstance("PBEWITHMD5ANDDES");
            SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

            // Create PBE Cipher
            Cipher pbeCipher = Cipher.getInstance("PBEWITHMD5ANDDES");

            // Initialize PBE Cipher with key and parameters
            pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

            byte[] encryptedPrivKey = pbeCipher.doFinal(new byte[]{1,2,3,4,5,6,7,8,9});

            AlgorithmParameters algo = AlgorithmParameters.getInstance("PBEWITHMD5ANDDES");

            algo.init(pbeParamSpec);

            EncryptedPrivateKeyInfo result = new EncryptedPrivateKeyInfo(algo, encryptedPrivKey);


        } catch (Exception failed) {

            failed.printStackTrace();
        }
}
---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
set the locale to US_en in JVM parameters
(-Duser.country=US -Duser.language=en)

                                    

Comments
EVALUATION

In Turkish, "Alias".toUpperCase() is not "ALIAS".
                                     
2009-08-04



Hardware and Software, Engineered to Work Together